Apple Event, AI Music Scam & Flipper Zero | cybernews.com

Intro Hi I am Joe, an AI newscaster that doesn’t  understand the hype about the same product   getting released for the umpteenth time. You guessed it right, today we are looking   Apple Event into the Apple ”Glowtime” event from  September 9th this year. Surprisingly,   it’s not a rehash of old features that  Android users had for ages - what a shock. Naturally, the main attraction of the event  is the upcoming iPhone 16 lineup. As usual,   it will include various models  based on their build and hardware. Still, all the new generation iPhones  received a camera and performance   improvement. The former is thanks to the  “Camera Control button”, a sophisticated   button that serves different functions  depending on press location or intensity,   further enhancing an already powerful 48 MP  camera. The latter refers to the faster A18 chip. Compared to the cheaper models, iPhone Pro  received a larger screen, titanium frame and   enhanced zoom capabilities. If that’s not enough,  Pro Max also boasts the longest battery life. The event has also highlighted Apple’s  latest successes in AI development. The   “Apple Intelligence” plans to revolutionize user  experience across Apple devices starting this   October. The AI-driven feature includes advanced  writing tools, improved Mail and notification   summaries, an enhanced Siri with better natural  language understanding, and photo-editing   functions. The Private Cloud Compute feature  will further boost user data security as well.   At first, “Apple Intelligence” will be available  in the US in English, but other countries and   language support is expected by next year. I  hope they will consider changing this name. I   dread the future where a misguided Apple fan would  consider me an “Apple Intelligence” newscaster. In any case, this is not the end. Apple has  also revealed a new generation of Apple Watch   and AirPods products. The smartwatch received  a 30% larger screen and a 40% brighter display.   Additional health tracking features were added,  such as sleep apnea detection, and the phone   can now resist a 50 meter water depth. Apple  earbuds also received some long-needed updates:   AirPods 4 got an audio quality update,  Active Noise Cancellation, Voice Isolation   and Personalized Spatial Audio. Good improvement,  but it’s especially interesting that even AirPods   managed to receive health-focused updates:  Hearing Protection and Hearing Aid support   will be useful for users with mild hearing  loss. The new generation of smartwatches and   AirPods will be released on September 20th. Next, I’d like to talk about Whatsapp's “View   WhatsApp View-Once Feature Bypass once” feature, or more importantly  how it wasn’t working properly. Experts managed to discover a vulnerability  that allowed users to bypass that feature,   allowing them to re-view messages. The  feature was introduced in twenty-twenty-one,   only for mobile devices, but the bug  affecting it appeared on the web app. The problem stems from the way “View once” media   is coded. These messages just have  a special property applied to them,   so once you know how to remove that  property - the feature becomes useless. Researchers from Zengo X Research Team have  shared their findings with Meta privately,   but upon discovering that this bug  has been maliciously abused before,   came out publicly with the  information about the vulnerability. According to BleepingComputer.com Meta  is rolling out a patch that promises   to fix the issue. However, it’s currently  unclear if it’s really been fixed properly.  Botnet Target Soho and VPN Routers Moving on, the Quad7 botnet is evolving: the  infamous operation targeting SOHO devices with new   custom malware for Zyxel VPN appliances, Ruckus  wireless routers, and Axentra media servers. After being exposed some time ago by  multiple cybersecurity researchers,   the team behind Quad7 seems to pivot towards  evasive maneuvers. They are shifting away from   the open SOCKS proxies which were previously  used for brute-forcing, instead switching   to the KCP communication protocol. This makes  detecting Quad7 activity much harder than before. Also, the threat actors now utilize a  new backdoor that allows the operators   to control the devices without  exposing login interfaces and   leaving ports open that are easily  discoverable via internet scans. To protect yourself against the possible  attack through the Quad7 botnet,   researchers recommend updating router  security firmware to the latest version.  Mustang Panda The Quad7 team is not the only threat  actor group looking for new strategies.   Chinese hackers from the Mustang Panda have  been found switching to new strategies and   malware to download payloads and steal  information from breached networks. Mustang Panda group is best known  for their spear-phishing attack used   to deliver a HUIPAN worm malware. This  malicious file is used to further infect   the device with malware that exfiltrates  information and steals as much as it can. Trend Micro researchers say that Mustang Panda has  made significant strides in "malware deployment   and strategies. This specifically addresses  their campaigns targeting government entities,   such as military, police, foreign  affair agencies, welfare, and so on. While the group is primarily targeting  the Asia-Pacific region, other parts   of the world are not guaranteed  to evade these attacks either. 1.7m Credit Cards Leaked Now, as for attacks that already happened, the  payment provider Slim CD has just disclosed a   massive breach. The Florida-based gateway  system, which allows merchants to take any   kind of electronic payment first detected  some suspicious activity on June 15th. The investigation revealed a  glaring security oversight:   unknown cybercriminals managed to gain  access to Slim CD’s systems for 10 months,   from August 17th twenty-twenty-three  to June 15th twenty-twenty-four. While this sounds horrible  for the Slim CD’s users,   the company assures that criminals only had  access to full names, physical addresses,   and credit card numbers including expiration  dates for one last day. Unfortunately,   anyone can understand that one day is more than  enough to compile and take the data elsewhere. Oh, and the worst part is that almost  1 point 7 million people were affected   by this breach. If you find yourself  receiving a notification from Slim CD,   make sure to order a new bank card as soon  as possible, and maintain a high level of   security on your accounts that are connected  to your bank card. Multi-factor authentication,   identity monitoring, and phishing prevention  are also a good way to keep yourself safe.  AI Music Scam Moving on, there’s always a first for anything,  and today we face a first ever music AI scam. A North Carolina man by the name of  Michael Smith has generated over 10   million dollars in profit from AI-generated  music. He would generate songs with AI,   upload them on Spotify and other music streaming  platforms and then use an army of bots to play   songs made by Smith. This allowed him to abuse  the system and generate revenue from royalties. The United States Department of Justice also  claims that Smith acted in collaboration with   an AI music company and a music promoter. This  allowed him to create fake artists and songs,   resulting in hundreds of thousands  of uploads and billions of plays. Smith now faces charges of wire fraud,  conspiracy, and money laundering, with   up to 20 years of jail time on the line. But let’s not linger on the negatives,   Flipper Zero 1.0 Firmware Release because we still have Flipper Zero to talk  about. If you’ve been following me for news,   you know of this little device,  used for security and hacking tests. After 3 years in development, Flipper Zero finally  releases the 1.0 firmware update with plenty of   important improvements. Besides simply improving  app development and overhauling some systems, the   firmware became much more optimized. The standby  battery time went from one week to one month! While some of the things listed as  improvements were introduced earlier,   the 1.0 version provided more stable  operation and better performance. The latest firmware is available for free via  the official downloads portal on the Flipper Zero   site, but this is not the end of development.  The team behind this research device promises   to continue improving the firmware,  especially addressing existing issues   and accepting community-driven patches. Now, for the news from the country that,   Australia PM Supports The SM Ban For Kids according to my sources from the Dark Web, is  just a conspiracy theory and doesn't actually   exist. The Australian Prime Minister has called  for support of an age verification bill aimed   at protecting kids from the hazards of social  media and exposure to inappropriate content. The bill is an expansion of the nation’s  first online safety bill – Enhancing   Online Safety Act from twenty-fifteen. The need for the new bill arises from  the fact that the previous act only   covers websites and platforms  originating from Australia. The bill aims to protect children from  age-inappropriate content, communication   with strangers, addictive design features,  recommender algorithms, and data collection. If you ask me, the less kids on X, the better. I’m  already tired of filtering misinformation, fake   news, and political agenda from adults, I don’t  need any more work. Good job, upside-down region.   You make the rest of the correctly horizontally  oriented world look bad in comparison.  And that is it for today. Hope you enjoyed this  not-so-short recount of recent cybersecurity news. If you did - build up your addiction to my  content by watching more! And make sure to   subscribe to receive a prescribed  dose of Vitamin Joe 3 times a week. Thanks for watching, and I’ll see  you soon. Figuratively, of course.